package com.demo.security.filter;

import com.google.code.kaptcha.Constants;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.util.StringUtils;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

public class CodeFilter implements Filter {

	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {

		HttpServletRequest req = (HttpServletRequest) request;
		HttpServletResponse resp = (HttpServletResponse) response;

		String uri = req.getServletPath();


		if (uri.equals("/login") && req.getMethod().equalsIgnoreCase("post")) {


			String sessionCode = req.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY).toString();
			String formCode = req.getParameter("code").trim();

			if (StringUtils.isEmpty(formCode)) {
				throw new RuntimeException("验证码不能为空");
			}
			if (sessionCode.equalsIgnoreCase(formCode)) {

				System.out.println("验证通过");
				chain.doFilter(request, response);
				return;

			}
			System.out.println(req.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY));
			throw new AuthenticationServiceException("xx");
		}

		chain.doFilter(request, response);

	}
}
